/**
 * Copyright (c) 2017,http://www.365wuliu.com/  All Rights Reserved.
 */
package com.cargo.business.login.controller;

import com.cargo.base.exceptions.CommonException;
import com.cargo.base.messagebox.MessageBox;
import com.cargo.base.utils.CheckUtil;
import com.cargo.base.utils.PropertiesUtil;
import com.cargo.business.login.service.LoginService;
import com.cargo.business.login.vo.SalesUserVO;
import com.cargo.common.controller.BaseController;
import com.cargo.security.JWTUtils;
import com.cargo.security.ShiroUser;
import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiOperation;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

/** 
 * LoginController:WebSystem用户登录
 * @Project Name:topsales_services 
 * @File Name:LoginController.java 
 * @Package Name:com.cargo.business.topsales.system.login.controller
 * @Creator:wizard
 * @Date:2017年9月20日上午9:26:39 
 */
@Controller
@RequestMapping("login")
@Api(value = "websystem_login", description = "websystem登录", produces = MediaType.APPLICATION_JSON_VALUE)
public class LoginController extends BaseController {
	
	@Autowired
	private LoginService loginService;
	
	/**
	 * sysLogin:(用户密码登录).
	 * @param request
	 * @param response
	 * @param salesUserVO
	 * @return 
	 * @return :MessageBox 
	 * @Creator:wizard
	 * @Date:2017年9月20日 上午11:36:23
	 */
	@RequestMapping(value = "passwordlogin", method = RequestMethod.POST)
	@ResponseBody
	@ApiOperation(value = "系统登录", notes = "系统登录", httpMethod = "POST", produces = MediaType.APPLICATION_JSON_VALUE)
	public MessageBox sysLogin(HttpServletRequest request, HttpServletResponse response, @ModelAttribute SalesUserVO salesUserVO) {
		try {
			ShiroUser shiroUser = loginService.adminLogin(salesUserVO);
			if (CheckUtil.checkObj(shiroUser)) {
				// Shiro登录权限控制
				String usernamekey = JWTUtils.encode(shiroUser);
				Subject subject = SecurityUtils.getSubject();
				UsernamePasswordToken token = new UsernamePasswordToken(usernamekey, salesUserVO.getPassword());
				subject.login(token);
				Map<String, String> validateMap = new HashMap<String, String>();
				validateMap.put("apiKey", usernamekey);
				validateMap.put("userName", shiroUser.getUserName());
				//validateMap.put("permissions", new Gson().toJson(shiroUser.getPermissions()));//放菜单权限
				//validateMap.put("userLevel", shiroUser.getUserLevel().toString());
				validateMap.put("userId", shiroUser.getUserId().toString());
				validateMap.put("mobile", shiroUser.getPhoneNumber());
				validateMap.put("headPic", shiroUser.getHeadPic());
				validateMap.put("nameCn", shiroUser.getNickName());
				validateMap.put("email", shiroUser.getEmail());
				validateMap.put("companyLogo", shiroUser.getLogo());
				validateMap.put("companyName", shiroUser.getCompanyName());
				//validateMap.put("companyId", shiroUser.getCompanyId().toString());
				// 将companyId放在session中
				request.getSession().setAttribute("companyId", shiroUser.getCompanyId());
				return MessageBox.build(PropertiesUtil.getValue("common.success.code"), "登录成功", validateMap);
			} else {
				return MessageBox.build(PropertiesUtil.getValue("common.fail.code"), "登录失败");
			}
		} catch (CommonException e) {
			return MessageBox.build(PropertiesUtil.getValue("common.fail.code"), e.getMessage());
		} catch (Exception e) {
			return MessageBox.build(PropertiesUtil.getValue("common.fail.code"), PropertiesUtil.getValue("common.fail.msg"));
		}
	}

	
	/**
	 * loginOut:(退出登录).
	 * @return 
	 * @return :MessageBox 
	 * @Creator:wizard
	 * @Date:2017年9月20日 下午3:11:03
	 */
	@RequestMapping(value = "loginOut", method = RequestMethod.POST)
	@ResponseBody
	@ApiOperation(value = "系统退出", notes = "系统退出", httpMethod = "POST", produces = MediaType.APPLICATION_JSON_VALUE)
	public MessageBox loginOut() {
		try {
			Subject subject = SecurityUtils.getSubject();
			subject.logout();
			return MessageBox.build(PropertiesUtil.getValue("common.success.code"), "退出成功");
		} catch (Exception e) {
			return MessageBox.build(PropertiesUtil.getValue("common.fail.code"), "退出失败");
		}
	}
}
